Access Management

From IT Process Wiki
Revision as of 19:40, 9 November 2007 by Andrea (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
diese Seite auf Deutsch

ITIL Version: ITIL Version 3 (ITIL V3)

Process Objective: To grant authorized users the right to use a service, while preventing access to non-authorized users. The Access Management processes essentially executes policies defined in IT Security Management. Access Management is sometimes also referred to as Rights Management or Identity Management.

Part of: Service Operation

Process Owner: IT Operations Manager


ITIL V3 vs. ITIL V2: Access Management

  • Access Management was added as a new process to ITIL V3
  • The decision to include this dedicated process was motivated by IT security reasons, as granting access to IT services and applications only to authorized users is of high importance from an IT Security viewpoint


Sub-Processes of Access Management (ITIL V3)

Overview of the Access Management Process, ITIL V3 (.pdf)
Maintain Catalogue of User Roles and Access Profiles
Process Objective: To make sure that the catalogue of User Roles and User Access Profiles is still appropriate for the services offered to customers, and to prevent unwanted accumulation of acces rights.
Manage User Access Requests
Process Objective: To process requests to add, change or revoke access rights, and to make sure that only authorized users are granted the right to use a service.



Roles within Access Management (ITIL V3)